| EPSRC Reference: |
EP/X037452/1 |
| Title: |
RESICS:Resilience and Safety to attacks in ICS and CPS |
| Principal Investigator: |
Lupu, Professor EC |
| Other Investigators: |
|
| Researcher Co-Investigators: |
|
| Project Partners: |
|
| Department: |
Computing |
| Organisation: |
Imperial College London |
| Scheme: |
Standard Research |
| Starts: |
01 September 2023 |
Ends: |
31 August 2026 |
Value (£): |
919,122
|
| EPSRC Research Topic Classifications: |
| Computer Sys. & Architecture |
Fundamentals of Computing |
|
| EPSRC Industrial Sector Classifications: |
|
| Related Grants: |
|
| Panel History: |
|
|
Summary on Grant Application Form |
We all critically depend on and use digital systems that sense and control physical processes and environments. Electricity, gas, water, and other utilities require the continuous operation of both national and local infrastructures to deliver their services. Industrial processes, for example for chemical manufacturing, production of materials such as cement, steel, aluminium or fertilizers, and manufacturing chains for car production or pharmaceuticals similarly lie at this intersection of the digital and the physical. This intersection also applies in other CPS such as robots, autonomous cars, and drones.
All such systems are exposed to malicious threats and have been the target of cyber-attacks by different threat actors ranging from disgruntled employees to hacktivists, terrorists, organised crime and nation states. The increasing fragility and vulnerability of our cyber-enabled society is rapidly approaching intolerable limits. As these systems become larger and more complex interruption of service in any of these infrastructures can cause significant cascading effects with safety, economic and societal impacts.
Because we critically depend on the operation of such systems, disruption to their operations must be minimised even when they are under attack and have been partially compromised. Because they operate in a physical environment, the safety of such systems must be preserved at all times to avoid physical damage and even threat to life. Therefore, ensuring the resilience of such systems, their survivability and continued operation when exposed to malicious threats requires the integration of methods and processes from security analysis, safety analysis, system design and operation that have traditionally been done separately and that each involve specialist skills and a significant amount of human effort. This is not only costly, but also error prone and delays response to security events.
The full integration and automation of such methodologies will be a challenge for many years to come. However, RESICS aims to significantly advance the state-of-the-art and deliver novel contributions that facilitate: a) risk analysis for such systems in the face of adversarial threats taking into account the impact of security events across the cascading inter-dependencies; b) characterising attacks that can have an impact on the safety of the system, identifying the paths that make such attacks possible; c) identifying countermeasures that can be applied to mitigate threats and contain the impact of attacks; and d) ensuring that such countermeasures can be applied whilst preserving the system's safety and operational constraints and maximising its availability. These contributions will be evaluated across several test beds, digital twins, a cyber range and a number of use-cases across different industry sectors. They will deliver increased automation, lower the skill requirements involved in the analysis and in mitigating threats and improve response times to security incidents.
To achieve these goals RESICS will combine model-driven and empirical approaches across both security and safety analysis, adopting a systems-thinking approach which emphasises Security, Safety and Resilience as emerging properties of the system. RESICS leverages preliminary results in the integration of safety and security methodologies with the application of formal methods and the combination of model-based and empirical approaches to the analysis of inter-dependencies in ICSs and CPSs.
|
|
Key Findings |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
|
Potential use in non-academic contexts |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
|
Impacts |
|
| Description |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk |
| Summary |
|
| Date Materialised |
|
|
|
|
Sectors submitted by the Researcher |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
| Project URL: |
|
| Further Information: |
|
| Organisation Website: |
http://www.imperial.ac.uk |